Archive

Posts Tagged ‘sed’

useful sed single line examples when clearing embedded trojans or embedded links

June 7th, 2012 No comments

When your site is embedded with some links/trojans by somebody maliciously, the first thing you could think of would mostly like to clear these malicious links/trojans. sed is a useful stream editor based on line, and you would of course think of using sed to do the cleaning job.

Usually, the embedded codes would be several lines of html codes like the following:

<div class=”trojans”>
<a href=”http://www.malicous-site-url.com”>malicous site’s name</a>
blablabla…
</div>

To clear these html codes, you can use the following sed line:
sed  ‘/<div class=\”trojans\”>/,/<\/div>/d’ injected.htm

But usually the injected files are spread across several directories or even your whole website’s directory. You can combine using find and sed together to clean these annoying trojans:

find /var/www/html/yoursite.com/ -type f \( -name *.htm -o -name *.html -o -name *.php \) -exec sed  -i.bak’ /<div class=\”trojans\”>/,/<\/div>/d’ {} \;

Please note I use -i.bak to backup file before doing the replacement.(you should also backup your data before cleaning trojans!)

PS:

For more info about sed examples/tutorials, you may refer to the following two resources:

1.http://sed.sourceforge.net/sed1line.txt

2.http://www.grymoire.com/Unix/Sed.html